package com.yishan.security.expression;

import com.yishan.security.domain.LoginUser;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @author: yishan
 * @Date: 2022/9/1 15:43
 **/
@Component("ex")
@Slf4j
public class SGExpressionRoot {

    public boolean hasAuthority(String authority) {
        //获取当前登录人的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        log.info("当前登录用户为={}，访问权限为={}", loginUser,permissions);
        return permissions.contains(authority);

    }


}
